(54) Personal mobility registration system for registration of a user's identity in a
telecommunications terminal 

(57) A system is provided for securely registering a
new user's personal mobility information in a communications
terminal having existing registrations. The terminal
owner provides information needed to verify the
owner's identity and authorizes registration of a specific 
user identified by IMSI. The new user also provides 
information needed to verify the new user's identity, and 
requests the registration. A user identity module verifies 
the identity information provided by the terminal owner 
and new user, and through intermediaries including a 
serving system, negotiates with the new user's home 
system (home location register) to obtain subscription 
information and appropriate security information for the 
new user to permit system access. Registration is 
accomplished by storing this information in the user 
identity module. Advantageously, all negotiation occurs 
over the normal interface by which the terminal communicates
with the serving system, and the serving system
and home system need not be of the same family. The
new registration may supplement or supersede one or
more existing registrations.

Description

Field of the Invention 

[0001] This application relates to telecommunications
systems, and more particularly to the registration
of a user's identity or a user's service subscription in a 
user-identity component of a telecommunications termi- 
nal. 

Background of the Invention 

[0002] Many modern telecommunications systems 
provide various services and features to which users 
may subscribe with a service provider, prior to using the
services. When a user accesses a telecommunications 
system, the system requires some means to identify the 
user or the user's subscription, in order to determine 
that the user is authorized to receive service from the 
system and to provide the specific services and features
which are associated with the user or the user's sub- 
scription. In many wireline telecommunications sys- 
tems, such as those providing conventional wired 
telephone service, the solution to this problem is 
straightforward: the user's subscription information for
an ordinary telephone line is usually associated in some 
way with the line (or some other fixed interconnection 
with the telecommunications network). In such systems, 
calls originating on a line are billed to, and receive features
and other treatment appropriate for, the associated
subscription. Calls directed to a subscriber are
delivered to the associated line, unless the subscriber 
has arranged through call forwarding or other means to 
have the call redirected. 

[0003] Identifying a user or a user's subscription in
telecommunications systems serving wireless terminals 
is less straightforward. Users and their terminals may 
seek service at various locations within their "home" 
system, at locations in other systems of the same type 
or family, or in systems of a different type or family. Even
within a home system, calls originated by wireless sub- 
scribers do not typically enter the system from respec- 
tive identifiable "lines" or other fixed interconnection 
points, and similarly calls destined for wireless subscribers
cannot be delivered consistently to respective lines
or other fixed interconnection points. (A user's home 
system is the telecommunications system with which 
the user has a subscription or other arrangement under 
which service is provided, and the system which maintains
information sufficient to authenticate the user and
determine the parameters of service to be provided to 
the user. The term "system family" is used herein to 
refer to one or more telecommunications systems that 
share a defined set of telecommunications technologies,
protocols, functional behaviors, and/or conformance
with one or more official standards, industry
standards, or other conventions.) 
[0004] Accordingly, wireless terminals have historically
been provided with information that identifies the
terminal itself, a subscription associated with the termi- 
nal, or both. This information, or a derivative, is transmit- 
ted to a serving telecommunications system when 
access is sought and perhaps at other times. If the serv- 
ing system is the subscriber's home system, the serving 
system may already have information sufficient to 
authenticate the user and determine the parameters of 
service to be provided to the user. In other cases, the 
serving system may request this information from the 
subscriber's home system. 

[0005] For example, in original versions of the 
AMPS system, an early cellular system implemented in 
North America, each mobile terminal had a fixed Elec- 
tronic Serial Number (ESN) and a changeable Mobile 
Identification Number (MIN), which included the direc- 
tory number assigned by the home system to the sub- 
scription and the associated terminal. See, for example, 
Cellular Interim Standard 3 (CIS-3), a publication of the 
Telecommunications Industry Association (TIA). This 
arrangement has a number of disadvantages. When a 
terminal requests access to a system, the terminal 
transmits its associated ESN and MIN to the serving 
system in the clear, i.e., without encryption. This has 
allowed persons to steal service by recording the ESN 
and MIN of valid terminals/subscribers and reprogram- 
ming impostor terminals to mimic the terminals of valid 
subscribers. In addition, at least initially, although a ter- 
minal's MIN was changeable by a service provider or 
other technical personnel, it was not readily changeable 
by a subscriber. Thus, terminals were associated with a 
particular subscription for service, and were not 
equipped to obtain access to a user-selected one of 
several valid subscriptions associated with the user. 
[0006] Newer systems have introduced several 
improvements in the identification of a user or a user's 
subscription to a serving system. Terminals for AMPS 
systems have been produced that can request access 
under different MINs associated with several valid (but 
predetermined) subscriptions responsive to a user 
selection. In GSM wireless systems, each terminal has 
a Subscriber Identity Module (SIM), which contains 
information identifying a subscriber, and associated 
security information, which are necessary to obtain 
access to a GSM system. The SIM is removable from 
GSM terminals, allowing a SIM associated with a differ- 
ent existing subscription, and perhaps of a different sub- 
scriber, to be inserted into the terminal to obtain service 
under such subscription. The SIM, as used in the GSM 
system, is described in ETS 300 922, Digital Cellular 
Telecommunications System; Subscriber Identity Mod- 
ules (SIM); Functional Characteristics (GSM 02.17 ver- 
sion 5.0.1), April 1997, a publication of the European 
Telecommunications Standards Institute. However, as 
the size of wireless terminals has generally decreased, 
removable SIMs have become undesirable because the 
ability of a user to conveniently handle the SIM estab- 
lishes a limit on the degree to which the SIM may be 
miniaturized.

[0007] Other systems employ "Shared Secret Data" 
possessed by both the wireless terminal and the serv- 
ing system to authenticate the user or subscription 
associated with the wireless terminal. Cyr et al. U.S. Patent
No. 5,890,075 discloses a method for remotely
updating the shared secret data stored in a mobile ter- 
minal by a wireless communications system over the air 
interface. In such systems, only derivatives of the 
shared secret data are transmitted over the air, such 
that an observer of the over-the-air messages cannot, 
without other secret information, derive the actual 
shared secret data required to obtain access to the sys- 
tem. 

[0008] Some prior art systems provide for remotely 
updating security information associated with an exist- 
ing user or an existing subscription, and other systems 
allow a user to select a particular subscription among 
several existing subscriptions to use for making and 
receiving calls. However, the prior art systems lack the 
ability to provide other desirable registration services. 
[0009] For example, a first wireless terminal owner 
and service subscriber may desire to authorize a sec- 
ond person to use the wireless terminal under the sec- 
ond person's own subscription. Although terminals 
adapted for use in a GSM system may have removable 
SIMs by which a terminal may be selectably associated
with a respective predefined subscription corresponding 
to each SIM, simply exchanging SIMs is unsatisfactory. 
Most terminals for systems other than GSM do not have 
removable SIMs, and GSM terminals are adapted for 
use only with SIMs from GSM systems, precluding use 
of the terminal by subscribers of other system families. 
Moreover, during the period the first subscriber's SIM 
has been replaced by the second subscriber's SIM, the 
first subscriber loses access to the terminal under that 
user's subscription. Accordingly, the first subscriber 
would not be able to use the terminal to make calls 
under that subscription, and calls intended for the first 
subscriber would not be delivered to the terminal during 
that period, unless the first subscriber had made special 
arrangements for such delivery (for example, by a call 
forwarding arrangement to the second subscriber). 
[0010] The present inventors have realized that 
none of the prior art systems enable a user to remotely 
register a new user identity or new subscription identity 
in a wireless terminal via the system's over-the-air inter- 
face. For the purpose of this application, "registration" 
means installing into a telecommunications terminal 
identity or security information for a user or a user's sub- 
scription. 

[0011] Accordingly, the need exists for a telecom- 
munications system which enables a user to remotely 
register a new user identity or new subscription identity 
in a telecommunications terminal via the interface by 
which the terminal and the system normally communi- 
cate. 



Objects and Summary of the Invention 

[0012] It is therefore an object of the invention to 
provide a telecommunications network, and methods for 
use therewith, which minimize the aforementioned dis- 
advantages of prior art systems. 
[0013] According to an embodiment of the present 
invention, a personal mobility registration system 
(PMRS) is provided for use in conjunction with a tele- 
communications network and terminals therefor. The 
PMRS comprises apparatus and/or associated meth- 
ods for registering a new user's identity and security 
information in a telecommunications terminal, based 
both on information supplied and input by the new user, 
and on information transferred to the terminal through 
the interface by which the terminal and the telecommu- 
nications network normally communicate. The term 
"new user" refers to a user whose identity and security 
information are not currently registered in the terminal. 
[0014] The term "telecommunications network" is 
used here to refer to either a single telecommunications 
system or a plurality of telecommunications systems 
which are suitably interconnected to cooperate for call 
completion and administrative functions, as is known in 
the art. The terminal owner's subscription may be asso- 
ciated with a first "home" system. The new user's sub- 
scription may be associated with a second "home" 
system. The terminal may be located in a region served 
by a third "serving" system. In some cases, all three of 
these systems may be distinct, and in other cases one 
or more of these functionally described systems may 
actually be the same system (e.g., the new user and the 
terminal owner may be associated with the same home 
system). Where the systems are distinct, they need not 
be members of the same system family. 
[0015] Each PMRS-equipped terminal may include 
a user identity module (UIM) which contains and is 
responsible for maintaining user identity and security 
information for at least one registered user, who is 
assumed to be the terminal owner. The UIM may be 
removable or non-removable, and may be a distinct 
component or may be an integrated part of the terminal. 
In order for a new user to become registered in a 
PMRS-equipped terminal, the terminal owner must 
authorize the new registration. The terminal owner 
enters an appropriate terminal function code (or other- 
wise requests the terminal to begin the authorization 
process). The terminal prompts the terminal owner for 
the owner's own identification and security code infor- 
mation, an identification of the new user, an indication of 
whether the new user registration is to replace any prior 
registration or be in addition thereto, and optionally, a 
validity period for the new user registration. The UIM 
verifies the information supplied by the terminal owner 
and indicates whether the attempted authorization was 
successful. 

[0016] If the attempted authorization was success- 
ful, the terminal then prompts the new user for that 
user's identification and security code information. The
UIM transmits a message via the serving system's air 
interface (or other interface in a non-wireless system) to 
the new user's home system requesting the home system
provide certain security information needed to register
the new user's identity or subscription in the UIM of
the terminal. The telecommunications network forwards 
the message, with appropriate inter-system translations 
where required, to the home system of the new user. 
The home system then negotiates with the UIM of the 
terminal to exchange authentication key generation 
information, such that upon completion, the home sys- 
tem and the UIM possess a matching set of authentica- 
tion keys for the new user. The home system and the 
UIM may employ well-known methods of exchanging 
key generation information, and calculating actual keys. 
Once the UIM possesses a suitable authentication key 
for the new user, registration of the new user information 
in the terminal is complete. 
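
The owner-authorization and new-user registration steps of paragraphs [0015] and [0016], modelled as an added example; this is not code from the patent. Assumptions: a Diffie-Hellman exchange with toy parameters stands in for the "well-known methods" of exchanging key generation information, and the HMAC proof tied to the new user's security code, the message fields, the function and class names, and the IMSIs are all constructed for illustration.

```python
import hashlib, hmac, secrets
from dataclasses import dataclass, field

# Assumption: toy Diffie-Hellman parameters stand in for the "well-known
# methods" the text mentions; a deployment would use a standardized group.
P, G = 2**255 - 19, 2

def code_key(code, imsi):
    """Verifier derived from a security code; the code itself is not stored."""
    return hashlib.pbkdf2_hmac("sha256", code.encode(), imsi.encode(), 100_000)

def enc(n):
    return n.to_bytes(32, "big")

def mac(key, *parts):
    # Length-prefix each part so field boundaries are unambiguous.
    data = b"".join(len(p).to_bytes(2, "big") + p for p in parts)
    return hmac.new(key, data, hashlib.sha256).digest()

def keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def valid_pub(y):
    return isinstance(y, int) and 1 < y < P - 1   # reject degenerate values

def derive_akey(priv, peer_pub, imsi):
    """Both ends compute this; only the public values cross the interface."""
    return hashlib.sha256(enc(pow(peer_pub, priv, P)) + imsi.encode()).digest()

class HomeSystem:
    """New user's home system (HLR with authentication center function)."""
    def __init__(self):
        self.verifiers, self.akeys = {}, {}

    def handle(self, msg):
        imsi, uim_pub = msg["imsi"], msg["uim_pub"]
        ver = self.verifiers.get(imsi)
        if ver is None or not valid_pub(uim_pub) or not hmac.compare_digest(
                mac(ver, imsi.encode(), enc(uim_pub)), msg["proof"]):
            return {"status": "rejected"}
        priv, pub = keypair()
        self.akeys[imsi] = derive_akey(priv, uim_pub, imsi)
        return {"status": "ok", "hlr_pub": pub,
                "confirm": mac(ver, enc(pub), enc(uim_pub))}

def relay(transcript, home, msg):
    """Serving system: forwards both directions, recording what crosses the link."""
    reply = home.handle(msg)
    transcript.extend([msg, reply])
    return reply

@dataclass
class UIM:
    owner_imsi: str
    owner_verifier: bytes
    registrations: dict = field(default_factory=dict)  # imsi -> (akey, valid_until)
    pending: dict = field(default_factory=dict)        # imsi -> (replace, valid_until)

    def authorize(self, owner_code, new_imsi, replace=False, valid_until=None):
        """Owner step: verify the owner's code, then record the authorization."""
        ok = hmac.compare_digest(code_key(owner_code, self.owner_imsi), self.owner_verifier)
        if ok:
            self.pending[new_imsi] = (replace, valid_until)
        return ok

    def register(self, new_imsi, new_code, transcript, home):
        """New-user step: negotiate a key with the home system."""
        if new_imsi not in self.pending:
            return False                       # owner never authorized this IMSI
        key, (priv, pub) = code_key(new_code, new_imsi), keypair()
        reply = relay(transcript, home, {"imsi": new_imsi, "uim_pub": pub,
                      "proof": mac(key, new_imsi.encode(), enc(pub))})
        hlr_pub = reply.get("hlr_pub")
        if reply["status"] != "ok" or not valid_pub(hlr_pub) or not hmac.compare_digest(
                mac(key, enc(hlr_pub), enc(pub)), reply["confirm"]):
            return False                       # rejected, or reply is not authentic
        replace, valid_until = self.pending.pop(new_imsi)
        if replace:
            self.registrations.clear()         # supersede existing registrations
        self.registrations[new_imsi] = (derive_akey(priv, hlr_pub, new_imsi), valid_until)
        return True

def demo():
    """Constructed scenario: owner ...001 authorizes user ...002 until t=1000."""
    owner, new, log = "001010000000001", "001010000000002", []
    home = HomeSystem()
    home.verifiers[new] = code_key("4821", new)    # existing subscription
    uim = UIM(owner, code_key("1379", owner), {owner: (b"owner-akey", None)})
    steps = [uim.register(new, "4821", log, home),          # not yet authorized
             uim.authorize("0000", new),                    # wrong owner code
             uim.authorize("1379", new, valid_until=1000),  # owner authorizes
             uim.register(new, "9999", log, home),          # wrong new-user code
             uim.register(new, "4821", log, home)]          # succeeds
    return uim, home, log, steps

if __name__ == "__main__":
    uim, home, log, steps = demo()
    print(steps, len(log), "messages relayed")
```

The relayed transcript holds only the IMSI, the two public values and the HMAC tags, so the serving system never handles the authentication key that the UIM and the home system end up sharing.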

Brief Description of the Drawings 

[0017] These and other features of the invention will 
be best understood by reference to the following 
detailed description of a preferred embodiment of the 
invention, taken in conjunction with the accompanying 
drawings, in which: 

Fig. 1 is a block diagram of a telecommunications 
network equipped with a preferred embodiment of a 
personal mobility registration system constructed 
according to the present invention; 
Figs. 2a and 2b form a flow diagram depicting a 
method for use in conjunction with the invention for 
registering a new user identity in a telecommunica- 
tions terminal and telecommunication network of 
Fig. 1;

Figs. 3a-3b form a message flow diagram depicting 
a communication between a telecommunications 
terminal, an associated user identity module, a 
serving system, and a home system, for registering 
a user identity in conjunction with the system and 
method of Figs. 1, 2a, and 2b;
Fig. 4 is a block diagram of a facility housed in the 
visiting location register of a serving system for pro- 
viding certain functions required to implement the 
personal mobility registration service in the network 
of Fig. 1;

Fig. 5 is a block diagram of a facility housed in the 
home location register of a terminal owner's home 
system for providing certain functions required to 
implement the personal mobility registration service 
in the network of Fig. 1; and
Fig. 6 is a block diagram of a facility housed in the 
home location register of a terminal owner's home 
system for providing certain functions required to 
implement the personal mobility registration service 
in the network of Fig. 1.
Detailed Description of the Preferred Embodiments

[0018] Fig. 1 is a block diagram of a telecommunications
network 102 equipped with a preferred embodiment
100 of a personal mobility registration system
(PMRS) constructed according to the present invention. 
[0019] The present application relates to telecom- 
munications systems. It will be appreciated that in the 
telecommunications arts, various signal leads, busses,
data paths, data structures, channels, buffers, and other
communications paths may be used to implement a 
facility, structure, or method for conveying information or 
signals, and are often functionally equivalent. Accordingly,
unless otherwise noted, references to apparatus
or data structures for conveying a signal or information
are intended to refer generally to all functionally equiva- 
lent apparatus and data structures. 
[0020] Telecommunications network 102 may be 
constructed in a manner generally similar to other
known telecommunications networks, but with certain
components added, and other components modified, to 
provide the functions of PMRS 100, as further 
described herein. As best seen in Fig. 1, network 102 
comprises first, second, and third telecommunications
systems 120, 130, and 140, respectively, each of which
may operate self sufficiently for originating and termi- 
nating calls within the respective systems, and each 
may be considered an independent telecommunications
sub-network. A telecommunications terminal 110
is adapted for communicating directly with telecommunications
system 120.

[0021] The systems or sub-networks 120, 130, and 
140 may be constructed to employ any suitable telecommunications
technologies, protocols, or functional
behaviors, and may be members of any system families
now known or to be developed. The term "system fam- 
ily" is used herein to refer to one or more telecommuni- 
cations systems that share a defined set of 
telecommunications technologies, protocols, functional
behaviors, and/or conformance with one or more official
standards, industry standards, or other conventions. By 
virtue of such sharing, some level of direct interoperabil- 
ity may be provided between terminal equipment and 
infrastructure equipment of the same family, and some
level of direct interoperability may be provided between
telecommunications systems or infrastructures of the
same family. For example, each of systems or subnetworks
120, 130, and 140 may be members of any of the
system families commonly referred to as GSM, TDMA,
CDMA, or AMPS, and standardized in:

GSM: GSM 01.02: Digital Cellular Telecommunications
System (Phase 2+); General Description
of a GSM Public Land Mobile Network
(PLMN); a publication of the European Telecommunications
Standards Institute;

TDMA: TIA/EIA IS-136, 800 MHz TDMA Cellular-Radio
Interface-Mobile Station-Base Station
Compatibility; a publication of the Telecommunications
Industry Association;

CDMA: TIA/EIA IS-95-A, Mobile Station - Base Station
Compatibility Standard for Dual-Mode
Wideband Spread Spectrum Cellular System,
Rev. A; a publication of the Telecommunications
Industry Association;

AMPS: ANSI TIA/EIA-553A, Cellular Systems Mobile
Station - Base Station Compatibility Specification,
a publication of the American National
Standards Institute.

[0022] Systems or subnetworks 120, 130, and 140 
are preferably connected to one another by a suitable 
network-to-network interface (NNI) 150, forming a 
larger telecommunications network 102. NNI 150 func- 
tions to provide an interoperable connection among the 
systems or subnetworks for both message content traf- 
fic (such as voice signals and user data signals) and 
administrative traffic (such as call signaling, user 
authentication, and billing information). Although a single
NNI 150 to which several telecommunications systems
or subnetworks are connected is shown in Fig. 1,
it will be appreciated that any pair of systems could also 
be interconnected by a point-to-point signal path (not 
shown) with a suitable network-to-network interface (not 
shown) interposed therein. 

[0023] Where all interconnected systems are of the 
same family or have the same network-side public inter- 
face, NNI 150 may simply be a facility for transmission 
of administrative traffic and user message content traffic 
among systems. Where interconnected systems are of 
differing families, NNI 150 may provide translations 
between the formats of the administrative traffic and 
user message content traffic required by the respective 
systems. Alternatively, NNI 150 may be implemented as 
a transmission and switching facility for administrative 
traffic and user message content traffic which conforms 
to a defined common interface format. In that case, 
each system connected to the NNI 150 would be 
responsible for translating administrative and user mes- 
sage content traffic between that system's native format 
and the defined common interface format of the NNI 
150. For example, NNI 150 may be implemented using 
the standardized intersystem operations protocol 
known as ANSI-TIA/EIA 41-D: Cellular Radiotelecommunications
Intersystem Operations, a publication of
the American National Standards Institute. 
[0024] As best seen in Fig. 1, telecommunications 
systems or subnetworks 120, 130, and 140 have spe- 
cific functional roles in the context of the exemplary 
embodiment of the inventive PMRS 100, and these 
roles will hereafter be used in referring to the systems. 
System 120 functions as a serving system for terminal 
110 and is responsible for direct communications with 
terminal 110. System 130 functions as the home system
of the owner of terminal 110 (or other user already
registered in the terminal), and is responsible for, inter
alia, maintaining on a primary basis the subscription
information and authentication information relating to 
the telecommunications service of the terminal owner 
(or other user already registered in the terminal). Sys- 
tem 140 functions as the home system of a new user 
who desires to register his or her identity in terminal 110
so that he or she may use terminal 110 to make and 
receive calls (or access other services) under a sub- 
scription arrangement with system 140. New user home 
system (NUHS) 140 is responsible for, inter alia, maintaining
on a primary basis the subscription information
and authentication information relating to the new user's 
telecommunications service. 

[0025] Serving system (SS) 120 comprises a home 
location register (HLR) 122, a visiting location register 
(VLR) 124, and a switching center 128. Switching 
center 128 is connected to VLR 124 via data path 158 
and to HLR 122 via another data path (not shown). HLR 
122 and VLR 124 are connected to each other and to 
NNI 150 via data path 160. The data paths shown 
herein are simplified for clarity to indicate the logical 
flow of information relevant to the present invention, but 
are not intended to illustrate the physical organization of 
the telecommunications system 120. However, the 
design and construction of telecommunications systems
suitable for use as serving system 120 is known in
the art, and such systems are commercially available 
from several manufacturers. 

[0026] For example, serving system 120 could be 
implemented using the Autoplex/Flexent wireless tele- 
communications system, a product of Lucent Technolo- 
gies Inc., 600 Mountain Avenue, Murray Hill, New 
Jersey 07974-0636. Switching center 128 could be 
implemented using the 5ESS-2000 digital switching 
system, also a product of Lucent Technologies Inc. The 
functions of the VLR 122, the HLR 124, and the switching
center 128 in a telecommunications system are generally
known in the art, and therefore only those
features required to provide the functions of PMRS 100 
will be described. Although Fig. 1 depicts the HLR, VLR, 
and switching system in serving system 120 as single, 
individual units, it will be appreciated that the functions 
of all could be implemented in a single physical unit and 
that the functions of any could be distributed among plu- 
ral physical units. As is known in the art, serving system 
120 may also include other components, which are not 
germane to the invention and are not described here. 
[0027] VLR 124 includes a VLR PMRS facility 126 
which provides several functions required to implement 
the PMRS 100. As best seen in Fig. 4, facility 126 
includes storage 170 for a local copy of subscription and
authentication information for each user who has been 
registered in a terminal using the PMRS. Facility 126 
further comprises a message relay 174 including tem- 
porary storage for messages to be relayed between the 
terminal 110 and TOHS 130 or NUHS 140. Where necessary,
message relay 174 also reformats or regenerates
messages to be sent or which arrive in a format or
protocol different from that of the serving system's
native format or protocol. Facility 126 also includes a 
control 176 and suitable control instruction storage 178 
for coordinating the operation of the subscription stor- 
age, the message relay, and the temporary storage. 
Although VLR PMRS facility 126 and its components 
are shown as distinct objects in the figures, the compo- 
nents and resources of facility 126 could also be inte- 
grated with the components and resources used by 
VLR 124 to provide the other functions customarily pro- 
vided by a VLR. 

[0028] As best seen in Fig. 1, a telecommunications
terminal 110 is adapted for direct communications with 
serving system 120. Terminal 110 comprises a main 
functions module 114 which provides a user interface, 
an interface to serving system 120, facilities for 
exchanging message content traffic (such as voice or 
data signals) with the user and for encoding and decod- 
ing such traffic and exchanging it with serving system 
120, facilities for establishing a communications con- 
nection and for negotiating other administrative opera- 
tions with serving system 120. 

[0029] Terminal 110 further comprises a user identity
module (UIM) 112 including a control 116 and storage 118.
The UIM 112 maintains security and
subscription information for one or more users who 
have registered their identity in terminal 110 using 
PMRS 100. The UIM 112 receives messages or other 
signals from the main functions module 114 relating to 
security and subscription information, and updates its 
storage as necessary to provide desired functions. 
When the main functions module 114 informs the UIM 
112 that a terminal owner or new user has requested 
registration of the new user in the terminal 110, UIM 112 
manages collection of user identification and security 
code information, and originates and receives mes- 
sages exchanged between the terminal 110 and other 
components of telecommunications network 102 necessary
to accomplish the registration. This process is
described further in greater detail in connection with 
Figs. 2a-2b and 3a-3b. Control 116 thus functions as a 
message generator and receiver, and as a user subscription
and security storage 118 updating component.
[0030] The UIM 112 may be removable or non- 
removable. Although the UIM 112 is depicted in Fig. 1 
as a distinct component of terminal 110, UIM 112 may 
also be implemented as an integrated part of the main 
functions module 114. UIM 112 may be implemented 
using any suitable storage and control technology. For 
example, UIM 112 may be implemented as a micro- 
processor based smart card of the types generally dis- 
closed in Suhir U.S. Patent No. 5,703,350, Bartholomew 
et al. U.S. Patent No. 5,724,417, or Clifton et al. U.S. 
Patent No. 5,719,437. Other types of smart cards, and 
other non-smart-card implementations of UIM 112 
could also be used. 

[0031] As best seen in Fig. 1, terminal 110 and 
serving system 120 are linked by a suitable communications
facility. For example, the communications facility
may be implemented using a radio link 154, as is known
in the art, employing a terminal-side radio transceiver
152 and a serving-system-side radio transceiver 156,
each compatible with the air interface of serving system 120.
Although the systems 120, 130, 140, and the terminal 110
of telecommunications network 102 are generally
described herein in the context and terminology of
known wireless or mobile telecommunications systems,
the inventive PMRS 100 may also be used with telecommunications
terminals and systems of other types.
In particular, the PMRS 100 may also be used to advantage
in telecommunications systems in which the terminal
is fixed and/or in which the terminal and the system
are connected via wire, fiber, or other generally fixed
interconnection facilities, as depicted by link 166. 
[0032] As best seen in Fig. 1, the TOHS 130 comprises
an HLR 132, a VLR 134, and a switching center
(not shown). HLR 132 and VLR 134 are connected to
each other and to NNI 150 via data path 162. The data
paths shown herein are simplified for clarity to indicate
the logical flow of information relevant to the present
invention, but are not intended to illustrate the physical
organization of the telecommunications system 130.
However, the design and construction of telecommunications
systems suitable for use as TOHS 130 is known
in the art, and such systems are commercially available 
from several manufacturers. 

[0033] For example, TOHS 130 could be implemented
using the Autoplex/Flexent wireless telecommunications
system, a product of Lucent Technologies Inc.,
600 Mountain Avenue, Murray Hill, New Jersey 07974-0636.
The functions of the VLR 132, and the HLR 134 in
a telecommunications system are generally known in
the art, and therefore only those features required to
provide the functions of PMRS 100 will be described.
Although Fig. 1 depicts the HLR and VLR in TOHS 130
as single, individual units, it will be appreciated that the
functions of all could be implemented in a single physical
unit and that the functions of any could be distributed
among plural physical units. As is known in the art,
TOHS 130 may also include other components, which
are not germane to the invention and are not described

[0034] TOHS HLR 132 includes a TOHS HLR
PMRS facility 136 which provides several functions
required to implement the PMRS 100. Typically, HLR
132 includes the functions of an authentication center;
such HLRs are sometimes designated HLR/AC or
HLR/AUC. Hereafter, references to a home location register
(HLR) are intended to include HLRs providing the
authentication center function, where applicable. As
best seen in Fig. 5, facility 136 includes storage 180 for
a primary copy of subscription and authentication information
for each subscriber of TOHS 130, including the
owner of terminal 110. Facility 136 also includes a key
generator 182 for generating a key (which may include
primary and secondary keys) used to authenticate a
user, based in part on information received from the
user and/or the terminal 110. Facility 136 further comprises
a message generator and receiver 184 including
temporary storage for messages. Where necessary,
message generator and receiver 184 also reformats or
regenerates messages to be sent or which arrive in a
format or protocol different from that of the native format
or protocol of the TOHS 130. Facility 136 also includes
a control 186 and suitable control instruction storage
188 for coordinating the operation of the subscription
storage, the key generator, the message generator and 
receiver, and the temporary storage. Although TOHS 
HLR PMRS facility 136 and its components are shown 
as distinct objects in the figures, the components and 
resources of facility 136 could also be integrated with 
the components and resources used by HLR 132 to pro- 
vide the other functions customarily provided by an 
HLR. 

[0035] As best seen in Fig. 1, the NUHS 140 com- 
prises an HLR 142, a VLR 144, and a switching center 
(not shown). HLR 142 and VLR 144 are connected to 
each other and to NNI 150 via data path 164. The data 
paths shown herein are simplified for clarity to indicate 
the logical flow of information relevant to the present 
invention, but are not intended to illustrate the physical 
organization of the telecommunications system 140. 
However, the design and construction of telecommunications
systems suitable for use as NUHS 140 is known
in the art, and such systems are commercially available 
from several manufacturers. 
[0036] For example, NUHS 140 could be imple- 
mented using the Autoplex/Flexent wireless telecommu- 
nications system, a product of Lucent Technologies Inc., 
600 Mountain Avenue, Murray Hill, New Jersey 07974-0636.
The functions of the VLR 142, and the HLR 144 in
a telecommunications system are generally known in 
the art, and therefore only those features required to 
provide the functions of PMRS 100 will be described. 
Although Fig. 1 depicts the HLR and VLR in NUHS 140 
as single, individual units, it will be appreciated that the 
functions of all could be implemented in a single physical
unit and that the functions of any could be distributed
among plural physical units. As is known in the art,
NUHS 140 may also include other components, which 
are not germane to the invention and are not described 
here. 

[0037] NUHS HLR 142 includes a NUHS HLR 
PMRS facility 146 which provides several functions 
required to implement the PMRS 100. Typically, HLR 
142 includes the functions of an access controller; such 
HLRs are sometimes designated HLR/AC. As best seen 
in Fig. 6, facility 146 includes storage 190 for a primary 
copy of subscription and authentication information for 
each subscriber of NUHS 140, including the new user 
desiring to register his or her identity in terminal 110. 
Facility 146 also includes a key generator 192 for generating
a key (which may include primary and secondary
keys) used to authenticate a user, based in part on information
received from the user and/or the terminal 110.
Facility 146 further comprises a message generator and
receiver 194 including temporary storage for messages.
Where necessary, message generator and receiver 194 
also reformats or regenerates messages to be sent or 
which arrive in a format or protocol different from that of 
the native format or protocol of the NUHS 140. Facility 
146 also includes a control 196 and suitable control 
instruction storage 198 for coordinating the operation of 
the subscription storage, the key generator, the mes- 
sage generator and receiver, and the temporary stor- 
age. Although NUHS HLR PMRS facility 146 and its 
components are shown as distinct objects in the figures, 
the components and resources of facility 146 could also 
be integrated with the components and resources used 
by HLR 142 to provide the other functions customarily 
provided by an HLR. 

[0038] For purposes of explanation of an exemplary 
embodiment of the invention, each of the systems 120, 
130, and 140 are described herein as distinct from one 
another, and as noted above, each may be a member of 
any suitable known system family. However, the func- 
tions of any two or more of systems 120, 130, and 140 
could be provided by a single system. For example, if 
both the terminal owner and the new user have service 
subscription arrangements with the same system, that 
one system would function as both the terminal owner 
home system (TOHS) 130 and NUHS 140. In that case, 
the explicit interconnection and network-to-network
interface between those systems would be unneces- 
sary. Although telecommunications network 102 is 
depicted as comprising three systems or subnetworks, 
any number of additional systems may be present in the 
network 102. 

[0039] Figs. 2a-2b form a flow diagram depicting a
method 200 for use in conjunction with the PMRS 100 
for registering a new user identity in the telecommunica- 
tions terminal 110 (Fig. 1) and telecommunication net- 
work 102 (Fig. 1). Figs. 3a-3b form a message flow 
diagram depicting a series 200a of communications 
between a telecommunications terminal, an associated 
user identity module, a serving system, and a home 
system, for registering a user identity in conjunction with 
the system 100 (Fig. 1) and method 200 (Figs. 2a-2b). 
Figs. 2a-2b and 3a-3b may be best understood if considered
together. Reference characters in the range
200-299 with no letter suffix refer to a step of method 
200 and are shown in Figs. 2a-2b; the same reference 
characters with a letter suffix refer to respective corre- 
sponding messages of message flow 200a and are 
shown in Figs. 3a-3b. 

[0040] Method 200 begins with step 210, in which 
the owner of terminal 110 employs the user interface of 
the terminal to enter a request to authorize the registra- 
tion of a new user in terminal 110. The request may, for 
example, be entered by the user by typing a function 
code into the keyboard of the terminal. The new user 
registration may be an addition to the existing registrations
for terminal 110, or the new user registration may
replace one or more existing registrations for terminal
110, as selected by the terminal owner in a further step.
In step 212, the terminal 110 (by way of component
114) delivers the request as a message 212a to the
user identity module (UIM) 112 of the terminal. The term
"message" as used in conjunction with Figs. 2-3 may
include flags, semaphores, signals, pulses, or any
other indicia functionally equivalent to a message.
[0041] In step 214, the UIM instructs the terminal 
110 via message 214a to collect from the terminal 
owner information to verify identity of the terminal owner 
(including the owner's International Mobile Subscriber 
Identifier (IMSI) and the owner's personal identification 
number (PIN)), information identifying the new user for 
whom registration is to be authorized (including the new 
user's IMSI), and an indication of the terminal owner's 
choice as to whether the new registration is to be added 
to, or replace, one or more existing registrations. The 
information used to verify the identification of the termi- 
nal owner may, for example, take the form of digits 
entered by the terminal owner to specify the IMSI and 
PIN. However, other forms of information capable of 
securely verifying a user identity, including finger prints, 
voice prints, iris images, and the like, could also be 
used. Optionally, the terminal owner may elect deletion 
of an existing registration without adding a new registration.
In step 216, the terminal prompts the owner for,
and collects, the required information. In step 218, the
terminal delivers the collected information to the UIM via 
message 218b. 

[0042] In step 220, the UIM compares the collected 
information to information stored in storage 118 to 
determine whether the terminal owner provided correct 
identity verification information. If the terminal owner did 
not provide correct verification information, the method 
200 is terminated (not shown), and the terminal 
returned to normal operation. In that case, terminal 110
may display a message (not shown) to the user indicat- 
ing that verification of the identity of the terminal owner 
failed. If the terminal owner did provide correct verifica- 
tion information, in step 222 the UIM advises the termi- 
nal via message 222b that registration of the new user 
has been successfully authorized by the terminal owner. 
Also in step 222, the UIM records for later use in
storage 118 the new user's IMSI as one for which registration
is authorized.

[0043] In step 224, the new user employs the user 
interface of the terminal to enter a request to register the 
user's identity in the terminal. The request may, for 
example, be entered by the user by typing a function 
code into the keyboard of the terminal. In step 226, the 
terminal delivers the request as a message 236a to the
UIM 112. In step 228, the UIM instructs the terminal 110
via message 228a to collect identity verification information
from the new user (including the new user's IMSI
and PIN). In step 230, the terminal prompts the new
user for, and collects, the required information. The
information used to verify the identification of the new
user may, for example, take the form of digits entered by
the user to specify the IMSI and PIN. However, other
forms of information capable of securely verifying a user
identity, including finger prints, voice prints, iris images,
and the like, could also be used. In step 232, the terminal
delivers the collected information to the UIM via
message 232b.

[0044] In step 234, the UIM compares the collected
information to information stored in storage 118 (step
218) to determine whether the new user's IMSI is one
for which registration has been authorized by the terminal
owner. If the new user's IMSI is not one for which registration
is authorized, the method 200 is terminated
(not shown), and the terminal returned to normal operation.
In that case, terminal 110 may display a message
(not shown) to the user indicating that the user associated
with the entered IMSI has not been authorized to
register. If the new user's IMSI is one for which registration
is authorized, in step 234 the UIM generates and
sends to the terminal 110 for ultimate delivery to the
PMRS facility 146 (Figs. 1 and 6) of NUHS VLR 142
(Figs. 1 and 3) a register_new_user message 234a
requesting registration of the new user. Also in step 234,
the UIM records the new user IMSI and PIN in storage
118 for later use. Further in step 234, if the terminal
owner elected in step 216 to replace or delete an existing
registration, the UIM transmits a message (not
shown) to the HLR of the home system of the user to be
deleted or replaced (such as TOHS 130), causing the
home system HLR to delete the record of registration in
a visited system with respect to that user.
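
The two-party gate of steps 220-234 can be modelled as follows. This is an added example, not code from the patent: the class, method and field names, the constant-time comparison, and the sample IMSIs and PINs are all assumptions constructed for illustration.

```python
import hmac
from dataclasses import dataclass, field


def _same(a: str, b: str) -> bool:
    # Constant-time comparison: an added hardening choice, not stated in the patent.
    return hmac.compare_digest(a.encode(), b.encode())


@dataclass
class UimRegistrationGate:
    """Hypothetical model of the UIM checks; 'storage 118' is the dict fields."""
    owner_imsi: str
    owner_pin: str
    authorized: dict = field(default_factory=dict)  # new-user IMSI -> "add"/"replace"
    pending: dict = field(default_factory=dict)     # new user's IMSI/PIN kept for later use

    def authorize(self, owner_imsi, owner_pin, new_user_imsi, mode="add"):
        """Steps 220-222: the owner must verify before any IMSI is authorized."""
        if mode not in ("add", "replace"):
            raise ValueError("mode must be 'add' or 'replace'")
        # Evaluate both comparisons before deciding, so a failure does not
        # reveal which of the two values was wrong.
        imsi_ok = _same(owner_imsi, self.owner_imsi)
        pin_ok = _same(owner_pin, self.owner_pin)
        if not (imsi_ok and pin_ok):
            return False  # method 200 terminates, terminal returns to normal operation
        self.authorized[new_user_imsi] = mode
        return True

    def request_registration(self, new_user_imsi, new_user_pin):
        """Step 234: emit register_new_user only for an owner-authorized IMSI.

        The UIM does not judge the new user's PIN here; the page leaves that
        check to the home system HLR (step 242).
        """
        mode = self.authorized.get(new_user_imsi)
        if mode is None:
            return None  # IMSI was never authorized by the terminal owner
        self.pending = {"imsi": new_user_imsi, "pin": new_user_pin}
        return {"type": "register_new_user", "mode": mode}


def terminal_append_identity(message, new_user_imsi, new_user_pin):
    """Step 236: the terminal appends the new user's IMSI and PIN before forwarding."""
    return {**message, "imsi": new_user_imsi, "pin": new_user_pin}


def demo():
    """Walk the gate with constructed sample values and return each outcome."""
    owner, guest, stranger = "001010000000001", "001010000000002", "001010000000003"
    uim = UimRegistrationGate(owner_imsi=owner, owner_pin="4321")
    outcomes = {
        "before_authorization": uim.request_registration(guest, "1111"),
        "wrong_owner_pin": uim.authorize(owner, "0000", guest),
        "still_blocked": uim.request_registration(guest, "1111"),
        "owner_verified": uim.authorize(owner, "4321", guest, mode="add"),
        "unauthorized_imsi": uim.request_registration(stranger, "1111"),
    }
    message = uim.request_registration(guest, "1111")
    outcomes["forwarded"] = terminal_append_identity(message, guest, "1111")
    return outcomes


if __name__ == "__main__":
    for step, result in demo().items():
        print(step, "->", result)
```

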
[0045] In step 236, the terminal appends the new
user IMSI and PIN to the register_new_user message and
forwards the message 236b to the switching center 128
of the serving system 120 over wireless link 154 or fixed
link 166. This communication occurs over the normal
interface (e.g. the "air-interface" in a wireless system) by
which the terminal 110 normally communicates with the
serving system 120. In step 238, the switching center
128 forwards the register_new_user message 238b to the
VLR 124 of the serving system 120, where it is delivered
to the message relay 174 of PMRS facility 126 (Figs. 1

[0046] In step 240, the PMRS facility 126 of the
serving system VLR 124 forwards the register_new_user
message 240a to the HLR/AC 142 of the new user's
home system 140, where it is delivered to the message
generator and receiver 194 of PMRS facility 146 (Figs. 1
and 6). If the message 240a must traverse a network-to-network
interface 150 or boundary, and the serving system
VLR PMRS facility 126 is aware that the family type
of the new user's home system is the same as the family
type of the serving system, the serving system VLR
PMRS facility 126 may transmit message 240a in the
native format of the serving and home systems. Otherwise,
the serving system VLR PMRS facility 126 must
transmit message 240a in an appropriate interfamily format
commonly recognized by both sender and receiver.
As an alternative, the NNI 150 could provide translation 
between dissimilar home and serving system message 
formats. 

[0047] In step 242, the message generator and 
receiver 194 of PMRS facility 146 (Figs. 1 and 6) of 
NUHS HLR 142 receives and analyzes the 
register_new_user message. NUHS HLR PMRS facility 
146 is preferably capable of interpreting messages in 
both the native format of the NUHS' system family or an 
interfamily format recognized by both the NUHS HLR 
PMRS facility 146 and the serving system VLR PMRS 
facility 126. The HLR 142 has a record of the new user's 
subscription, identity, and identity verification informa- 
tion. The NUHS HLR PMRS facility 146 optionally veri- 
fies that the new user IMSI and PIN received in the 
register_new_user message match those contained in the 
HLR records. If the new user verification fails, the new 
user is denied registration. Otherwise, the NUHS HLR 
PMRS facility 146 responds by sending a 
terminal_key_request message 242a to the serving system
VLR 124, where it is delivered to the serving system 
VLR PMRS facility 126. 

[0048] If the terminal_key_request message 242a must
traverse a network-to-network interface 150 or bound- 
ary, and the NUHS HLR PMRS facility 146 is aware that 
the family type of the serving system is the same as the 
family type of the new user's home system, the NUHS 
HLR PMRS facility 146 may transmit message 242a in 
the native format of the serving and home systems. Oth- 
erwise, the NUHS HLR PMRS facility 146 must transmit 
message 242a in an appropriate interfamily format com- 
monly recognized by both sender and receiver. As an 
alternative, the NNI 150 could provide translation 
between dissimilar home and serving system message 
formats. 

[0049] The terminal_key_request message includes
certain information ultimately needed by the UIM 112 to
calculate authentication keys to be used to obtain 
access to the serving system, including a modulus 
value parameter, a primitive value parameter, and a key 
generation procedure parameter. Accordingly, also in 
step 242, the NUHS HLR 142 generates a home-sys- 
tem random exponent, a modulus value parameter, and 
a primitive value parameter, and based thereon calcu- 
lates a home system key. Several methods of generat- 
ing keys and security related parameters, and 
exchanging them between a home system, a telecom- 
munications terminal, and any intermediaries, are 
known in the art. In a preferred embodiment, these procedures
may be performed substantially as described in
"ANSI 41-D Enhancements for Over-The-Air Service
Provisioning (OTASP) & Parameter Administration 
(OTAPA)", which was published in ballot form by the 
Engineering Subcommittee TR-45.2 of the Telecommu- 
nications Industry Association under the designation 
TIA/EIA PN-4173, October 28, 1998, and may have 
been or is to be published as an interim standard under 
the designation IS-725-A.

[0050] In step 244, the serving system VLR PMRS
facility 126 forwards the terminal_key_request message
244a to the serving system switching center 128. Serving
system VLR PMRS facility 126 is preferably capable
of interpreting messages in both the native format of the
serving system's family or an interfamily format recognized
by both the serving system VLR PMRS facility
126 and the NUHS HLR PMRS facility 146. In step 246,
the serving system switching center forwards the
terminal_key_request message 246a to the terminal 110
over wireless link 154 or fixed link 166. This communication
occurs over the normal interface (e.g. the "air-interface"
in a wireless system) by which the terminal
110 normally communicates with the serving system
120.

[0051] In step 248, the terminal forwards the
terminal_key_request message 248a to the UIM 112. In
step 250, the UIM calculates a terminal key based on
the parameters received in the terminal_key_request message
248a, including a modulus value parameter, a
primitive value parameter, and a key generation procedure
parameter, and a UIM-generated random exponent,
in accord with the procedures of the TIA/EIA IS-725A
specification (cited previously). Also in step 250,
the UIM generates a terminal_key_response message 250a
and delivers it to the terminal 110. In step 252, the terminal
forwards the terminal_key_response message 252a to
the serving system switching center 128. In step 254,
the serving system switching center 128 forwards the
terminal_key_response message 254a to the serving system
VLR PMRS facility 126. In step 256, the serving
system VLR PMRS facility 126 forwards the
terminal_key_response message 256a to the NUHS HLR
PMRS facility 146. The serving system VLR PMRS
facility 126 transmits the message in an appropriate format
as described in connection with step 240.
[0052] In step 258, the NUHS HLR PMRS facility
146 responds by sending a generate_key message 258a,
including the home system key parameter previously
calculated in step 242, in accord with the procedures of
the TIA/EIA IS-725A specification (cited earlier), to the
serving system VLR PMRS facility 126. NUHS HLR
PMRS facility 146 transmits the message in an appropriate
format as described in connection with step 242.
[0053] In step 260, the serving system VLR PMRS
facility 126 forwards the generate_key message 260a to
the serving system switching center 128. The serving
system VLR PMRS facility 126 transmits the message
in an appropriate format as described in connection with
step 244. In step 262, the serving system switching
center 128 forwards the generate_key message 262a to
terminal 110. In step 264, the terminal 110 delivers the
generate_key message 264a to UIM 112.

[0054] In step 266, the UIM calculates a primary
authentication key based on the home system key
parameter, the modulus value parameter, and the UIM-generated
random exponent which was used previously
in step 250 in accord with the procedures of the TIA/EIA
IS-725A specification (cited previously). Also in step
266, the UIM delivers to the terminal 110 in a message
266a the terminal key calculated in step 250. Subse- 
quently, in steps not shown but which are part of the 
conventional TIA/EIA IS-725A key negotiation process, 
the terminal key is transmitted to the home system, and 
the home system calculates a primary authentication 
key using the terminal key, the modulus value, and the 
home-system-generated random exponent previously 
used in step 242. The home-system-calculated primary 
authentication key is the same as the primary authenti- 
cation key earlier calculated by the UIM in step 266. 
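
The key negotiation of steps 242-266 has the shape of an exponential (Diffie-Hellman style) key agreement, sketched below as an added example that is not code from the patent or from IS-725-A. The class and function names, the message field names, the "procedure" value, the toy modulus and primitive, and the range check on received key parameters are all assumptions made for illustration.

```python
import secrets

# Constructed toy parameters for illustration only. A 127-bit modulus is far too
# small for real use; real values come from the IS-725-A procedures the page cites.
TOY_MODULUS = 2**127 - 1
TOY_PRIMITIVE = 3


def random_exponent(modulus):
    """Pick a private random exponent in [2, modulus - 2]."""
    return 2 + secrets.randbelow(modulus - 3)


def check_key_parameter(value, modulus):
    """Added hardening (not described on the page): reject degenerate values
    (0, 1, modulus - 1, or out of range) that would make the result predictable."""
    if not isinstance(value, int) or not 1 < value < modulus - 1:
        raise ValueError("key parameter outside (1, modulus - 1)")
    return value


class HomeSystemHlr:
    """NUHS HLR PMRS facility side: steps 242 and 258, then the final calculation."""

    def __init__(self, modulus=TOY_MODULUS, primitive=TOY_PRIMITIVE, exponent=None):
        self.modulus, self.primitive = modulus, primitive
        # Home-system random exponent; never leaves this object.
        self._exponent = random_exponent(modulus) if exponent is None else exponent
        self.home_system_key = pow(primitive, self._exponent, modulus)

    def terminal_key_request(self):  # message 242a
        return {"type": "terminal_key_request", "modulus": self.modulus,
                "primitive": self.primitive, "procedure": "placeholder-procedure"}

    def generate_key(self):  # message 258a
        return {"type": "generate_key", "home_system_key": self.home_system_key}

    def primary_key(self, terminal_key):
        check_key_parameter(terminal_key, self.modulus)
        return pow(terminal_key, self._exponent, self.modulus)


class UimKeyAgent:
    """UIM side: steps 250 and 266."""

    def __init__(self, exponent=None):
        self._fixed_exponent = exponent
        self.primary_key = None

    def on_terminal_key_request(self, msg):  # step 250
        self.modulus = msg["modulus"]
        primitive = check_key_parameter(msg["primitive"], self.modulus)
        # UIM-generated random exponent; never leaves this object.
        self._exponent = (random_exponent(self.modulus)
                          if self._fixed_exponent is None else self._fixed_exponent)
        self.terminal_key = pow(primitive, self._exponent, self.modulus)
        return {"type": "terminal_key_response"}  # message 250a

    def on_generate_key(self, msg):  # step 266
        home_key = check_key_parameter(msg["home_system_key"], self.modulus)
        self.primary_key = pow(home_key, self._exponent, self.modulus)
        return {"terminal_key": self.terminal_key}  # message 266a


def run_key_negotiation(home_exponent=None, uim_exponent=None):
    """Relay the messages in page order and return (UIM key, home system key)."""
    hlr = HomeSystemHlr(exponent=home_exponent)
    uim = UimKeyAgent(exponent=uim_exponent)
    uim.on_terminal_key_request(hlr.terminal_key_request())
    msg_266a = uim.on_generate_key(hlr.generate_key())
    return uim.primary_key, hlr.primary_key(msg_266a["terminal_key"])


if __name__ == "__main__":
    uim_key, hlr_key = run_key_negotiation()
    print("keys match:", uim_key == hlr_key)
```

Only the modulus, the primitive, the home system key and the terminal key cross the serving system; neither random exponent leaves the party that generated it.
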
[0055] The registration of the new user has now 
been completed, and the method ends at oval 268. 
[0056] Thus, there has been disclosed a personal 
mobility registration system (PMRS) for use in conjunc- 
tion with a telecommunications network and terminals 
therefor. The PMRS comprises apparatus and/or asso- 
ciated methods for registering a new user's identity and 
security information in a telecommunications terminal, 
based both on information supplied and input by the 
new user, and on information transferred to the terminal 
through the interface by which the terminal and the tele- 
communications network normally communicate. 
Advantageously, both the terminal owner and the new 
user must concur to enable the registration process. 
The registration process may occur with appropriate 
security even when the terminal is served by a system 
remote from the home system, and even when the serv- 
ing system is of a family different from that of the home 
system. 

[0057] The present application relates to telecom- 
munications systems, which may be implemented using 
a variety of electronic and optical technologies, includ- 
ing but not limited to: analog electronic systems; digital 
electronic systems; microprocessors and other 
processing elements; and software and other embodied 
collections of steps, instructions, and the like, for imple- 
menting methods, processes, or policies in conjunction 
with such systems and processing elements. The 
embodiments described herein are exemplary. Thus it 
will be appreciated that although the embodiments are 
described in terms of specific technologies, other equiv- 
alent technologies could be used to implement systems 
in keeping with the spirit of the present invention. 
[0058] The above-described embodiment of the 
invention is merely one example of a way in which the 
invention may be carried out. Other ways may also be 
possible and are within the scope of the following claims 
defining the invention. 



Claims

1. A system for effecting registration of user identity
information for a new user in a terminal of a
telecommunications network comprising:

a user identity module coupled to said terminal,
said user identity module having storage
means for modifiably storing information corresponding
to one or more terminal users;
means in said terminal and a serving telecommunications
system adapted for establishing a
communications link therebetween for carrying
both user message content and control/administrative
traffic;
a home telecommunications system associated
with said new user and in communication
with said serving telecommunications system,
said home telecommunications system having
a home location register,
said home location register having an authentication
key information generator;
said terminal having a user interface for receiving,
from said new user, user identity information,
user verification information, and a
request for registration;
said terminal operative in response to said
request for registration and in cooperation with
said user identity module to transmit via a communications
link established by said establishing
means a message destined for said home
location register including said user identity
and user verification information for said new
user;
said home location register and said authentication
key information generator operative in
response to said message to generate authentication
key information corresponding to said
new user and to transmit via said communications
link and destined for said user information
module said authentication key information
corresponding to said new user; and
said user identity module operative in response
to said authentication key information corresponding
to said new user to generate a primary
authentication key corresponding to said
new user and to store said user identity information
and said primary authentication key in
said storage means.

2. The system of claim 1 wherein said serving telecommunications
system provides wireless telecommunications
service, and said terminal is a wireless
telecommunications terminal.

3. The system of claim 2 wherein said communications
link is a wireless communications link.



4. The system of claim 1 wherein said serving tele- 
communications system provides wired telecom- 
munications service and said terminal is a wired 
telecommunications terminal. 

5. The system of claim 4 wherein said communications
link is a line interconnecting serving telecommunications
system and said wired
telecommunications terminal. 

6. The system of claim 1,

said storage means of said user identity mod- 
ule further containing means for storing user 
identity information and user verification infor- 
mation corresponding to a person authorized to 
control access to said terminal; and 
said user interface being adapted to receive 
from said terminal owner an authorization to 
register user identity information for said new 
user, user identity information corresponding to 
said owner of said terminal, and user verifica- 
tion information corresponding to said owner of 
said terminal; 

and said user identity module and said terminal 
being adapted to cooperatively determine 
whether said user identity and user verification 
information received from said terminal owner 
matches said user identity and user verification 
information contained in said storage. 

7. The system of claim 6, 

said home location register further comprising 
means for storing user identity information and 
user verification information corresponding to 
said new user; and 

said home location register determining 
whether said user identity and user verification 
information of said new user received from said 
terminal corresponds to said user identity and 
user verification information contained in said 
means for storing user identity and user verifi- 
cation information. 

8. The system of claim 1 wherein said serving system 
is a member of a first system family and said home 
system is a member of a second system family dif- 
ferent from said first system family; said first system 
family employing a first intrasystem message for- 
mat; said second system family employing a sec- 
ond intrasystem message format; said serving 
system and said home system communicating in an 
interfamily message format different from said first 
and second intrasystem message formats. 

9. The system of claim 1 wherein said serving system 
employs a first intrasystem message format; said 
serving system and said home system communi- 
cating in an interfamily message format different 
from said first intrasystem message format. 

10. The system of claim 9 wherein said home system 
employs a second intrasystem message format;
said serving system and said home system com- 
municating in an interfamily message format differ- 
ent from said first and second intrasystem message 
formats. 



11. A system for effecting registration of user identity 
information for a new user in a terminal in commu- 
nication with a serving telecommunications system, 
said terminal and said serving telecommunications 
system communicating over a communications link 
carrying both user message content and con- 
trol/administrative traffic, said system comprising: 

a user identity module coupled to said terminal, 
said user identity module having modifiable 
storage for information corresponding to one or 
more terminal users; 

said terminal having a user interface for receiv- 
ing, from said new user, user identity informa- 
tion, user verification information, and a 
request for registration; 

said terminal operative in response to said 
request for registration and in cooperation with 
said user identity module to transmit via said 
communications link a message including said 
user identity and user verification information 
for said new user; 

said serving telecommunications system 
responsive to said request for registration to 
transmit to said terminal via said communica- 
tions link and destined for said user information 
module a reply to said message; and 
said user identity module operative in response 
to said reply to store said user identity informa- 
tion in said modifiable storage. 

12. The system of claim 11 wherein said reply includes
authentication key information corresponding to 
said new user. 

13. The system of claim 12 wherein said user identity 
module is operative in response to said authentica- 
tion key information corresponding to said new user 
to generate a primary authentication key corre- 
sponding to said new user and to store said primary 
authentication key in said modifiable storage. 

14. The system of claim 11 wherein said serving tele- 
communications system provides wireless telecom- 
munications service, and said terminal is a wireless 
telecommunications terminal. 

15. The system of claim 11 wherein said communica- 
tions link is a wireless communications link. 

16. The system of claim 11 wherein said serving tele- 
communications system provides wired telecom- 
munications service and said terminal is a wired 
telecommunications terminal.

17. The system of claim 16 wherein said communica- 
tions link is a line interconnecting serving telecom- 
munications system and said wired 
telecommunications terminal. 

18. The system of claim 11,

said modifiable storage of said user identity 
module further containing user identity infor- 
mation and user verification information corre- 
sponding to an owner of said terminal; 
said user interface receiving, from said terminal 
owner an authorization to register user identity 
information for said new user, user identity 
information corresponding to said owner of 
said terminal, and user verification information 
corresponding to said owner of said terminal; 
and said user identity module in cooperation 
with said terminal determining whether said 
user identity and user verification information 
received from said terminal owner matches 
said user identity and user verification informa- 
tion contained in said storage. 

19. A method for use in a telecommunications terminal 
for registering an identity of a new user in a tele- 
communications terminal, at least one preexisting 
registered user identity of a terminal owner being 
associated with the terminal, comprising the steps 
of: 

receiving from the terminal owner information 
to verify the identity of the terminal owner and a 
request to register the identity of the new user; 
receiving information to verify the identity of the 
new user and a request to register the identity 
of the new user; 

determining whether there was a match 
between said information to verify the identity 
of the terminal owner and said registered user 
identity of the terminal owner; 
if said determining step indicated that a match 
exists between said information to verify the 
identity of the terminal owner and said regis- 
tered user identity of the terminal owner, trans- 
mitting a first message destined for a home 
system of said new user advising that the iden- 
tity of the new user is to be registered in said 
terminal; 

receiving a second message from said home 
system including a parameter needed by the 
terminal to access said telecommunications 
system under the identity of the new user; and 
storing in the terminal said identity of the new 
user and an authentication key associated with 
said parameter.

20. The method of step 19 further comprising the step 
of calculating said authentication key based on a 
home system key parameter, a modulus value 
parameter, and a random exponent.

21. A method for use with a telecommunications system
for registering in a telecommunications terminal
an identity of a new user, the
telecommunications system including a home system
having a record of the identity of said new user
and of information to verify the identity of said new
user, comprising the steps of:

receiving from the new user information to verify
the identity of the new user and a request to
register the identity of the new user;
transmitting a message destined for a home
system advising that the identity of the new
user is to be registered in said terminal;
said home system determining whether said
information to verify the identity of the new user
matches said home system record of the identity
of said new user;
if said determining step was successful, said
home system transmitting a message to said
terminal allowing the terminal to access said
telecommunications system under the identity
of the new user; and
storing in the terminal said identity of the new
user.

22. The method of step 21 wherein:

step (d) thereof further comprises the step of:
(d1) said home system including in said message a
parameter required in order for said terminal to
access said telecommunications system under the
identity of the new user;
and further comprising the steps of:
(f) calculating a primary authentication key based
on said parameter and
(g) storing in said terminal said primary
authentication key.

23. The method of claim 21 wherein step (a) thereof
further comprises the steps of:

(a1) receiving from the terminal owner information
to verify the identity of the terminal owner and a
request to register the identity of the new user;
and

(a2) determining whether said information to verify
the identity of the terminal owner matches said
registered user identity of the terminal owner.

24. The method of claim 21 wherein step (b) thereof
further comprises the step of transmitting a message
to a serving system in an interfamily format
different from an intrasystem format of said serving
system and an intrasystem format of said home
system.

25. The method of claim 21 wherein step (d) thereof 
further comprises the step of transmitting a mes- 
sage in an interfamily format different from the intra- 
system format of said serving system and the 
intrasystem format of said home system. 

26. A method for registering someone who already is a 
subscriber of a telecommunications system as a 
new user of a telecommunications terminal, the 
method comprising the steps of 

(a) transmitting from said terminal to said tele- 
communications system first information from 
which the identity of said new user can be veri- 
fied by said telecommunications system, and 

(b) receiving second information at said termi- 
nal transmitted to said terminal in response to 
the receipt of said first information from said
terminal, said second information being infor- 
mation which enables said terminal to access 
to said telecommunications system under the 
identity of the new user. 

27. The method of claim 26 comprising the further step 
of storing said second information in said terminal. 

28. The method of claim 26 comprising the further step 
of storing in said terminal an authentication key 
based on said second information. 

29. The method of claim 26 wherein said first informa- 
tion further includes information from which the 
identity of another subscriber of said telecommuni- 
cations system who is an already-registered user of 
said terminal can be verified. 

30. A system for registering someone who already is a 
subscriber of a telecommunications system as a 
new user of a telecommunications terminal com- 
prising: 

(a) means for transmitting from said terminal to 
said telecommunications system first informa- 
tion from which the identity of said new user 
can be verified by said telecommunications 
system, and 

(b) means for receiving second information at 
said terminal transmitted to said terminal in 
response to the receipt of said first information 
from said terminal, said second information 
being information which enables said terminal 
to access to said telecommunications system 
under the identity of the new user. 

31. The system of claim 30 further comprising means
for storing said second information in said terminal.

32. The system of claim 30 further comprising means
for storing in said terminal an authentication key
based on said second information.

33. The system of claim 30 wherein said first
information further includes information from which
the identity of another subscriber of said
telecommunications system who is an already-registered
user of said terminal can be verified.

34. A system for registering someone who already is a
subscriber of a telecommunications system as a
new user of a telecommunications terminal
comprising:

(a) means for receiving at said telecommunications
system from said terminal first information
from which the identity of said new user can be
verified by said telecommunications system,
and

(b) means for transmitting second information
from said telecommunications system in
response to the receipt of said first information
from said terminal, said second information
being information which enables said terminal
to access to said telecommunications system
under the identity of the new user.

35. A method for registering someone who already is a
subscriber of a telecommunications system as a
new user of a telecommunications terminal, the
method comprising the steps of

(a) receiving at said telecommunications sys- 
tem from said terminal first information from 
which the identity of said new user can be veri- 
fied by said telecommunications system, and 

(b) transmitting second information to said ter- 
minal in response to the receipt of said first 
information from said terminal, said second 
information being information which enables 
said terminal to access to said telecommunica- 
tions system under the identity of the new user. 

TERMINAL OWNER ENTERS REQUEST TO
AUTHORIZE NEW (OR ADDITIONAL) USER.

212

TERMINAL DELIVERS
REQUEST MESSAGE TO UIM.

UIM INSTRUCTS TERMINAL TO
COLLECT OWNER'S PIN, NEW USER'S
IMSI, AND AN INDICATION OF WHETHER
NEW USER REGISTRATION WILL BE
ADDED TO OR WILL REPLACE
CURRENT USER'S REGISTRATION.

TERMINAL PROMPTS OWNER
AND COLLECTS INFORMATION AS
INSTRUCTED BY UIM.

TERMINAL DELIVERS COLLECTED
INFORMATION TO UIM.

UIM COMPARES COLLECTED
INFORMATION TO STORED INFORMATION
TO DETERMINE WHETHER REGISTRATION
OF NEW USER IS AUTHORIZED.

UIM ADVISES TERMINAL THAT
REGISTRATION OF NEW USER
IS AUTHORIZED.

NEW USER ENTERS REQUEST TO
REGISTER AS A USER OF TERMINAL.

TERMINAL DELIVERS
REQUEST MESSAGE TO UIM.

226

UIM INSTRUCTS TERMINAL
TO COLLECT NEW USER'S IMSI
AND NEW USER'S PIN.

FIG. 2A

TERMINAL PROMPTS NEW USER
AND COLLECTS INFORMATION AS
INSTRUCTED BY UIM.

TERMINAL DELIVERS COLLECTED
INFORMATION TO UIM.

UIM RECORDS NEW USER'S IMSI
AND PIN. UIM SENDS REGISTER NEW
USER MESSAGE TO TERMINAL.

TERMINAL FORWARDS REGISTER NEW
USER MESSAGE TO SWITCHING CENTER
OF SERVING SYSTEM, APPENDING
NEW USER'S IMSI AND PIN.

SWITCHING CENTER FORWARDS
REGISTER NEW USER MESSAGE TO
VISITING LOCATION REGISTER (VLR)
OF SERVING SYSTEM.

SERVING SYSTEM VLR FORWARDS
REGISTER NEW USER MESSAGE TO
HOME LOCATION REGISTER/AUTHENTICATION
CENTER (HLR/AC) OF NEW
USER'S HOME SYSTEM. IF MESSAGE
WOULD TRAVERSE NNI, VLR TRANSLATES
MESSAGE TO FORMAT OF A 3rd
GENERATION INTERFAMILY REQUEST.

242

HLR/AC OF NEW USER'S HOME
SYSTEM RESPONDS WITH TERMINAL
KEY REQUEST MESSAGE TO SERVING
SYSTEM VLR, INCLUDING MODULUS
VALUE, PRIMARY KEY VALUE, AND KEY
GENERATION PROCEDURE PARAMETERS.
IF MESSAGE WOULD TRAVERSE NNI,
MESSAGE TRANSMITTED IN THE
FORMAT OF A 3rd GENERATION
INTERFAMILY REQUEST.

SERVING SYSTEM VLR FORWARDS
TERMINAL KEY REQUEST MESSAGE TO
SERVING SYSTEM SWITCHING CENTER.
IF MESSAGE HAS TRAVERSED NNI, VLR
TRANSLATES MESSAGE FROM 3rd
GENERATION INTERFAMILY REQUEST
FORMAT TO A FORMAT NATIVE TO
SERVING SYSTEM.

SERVING SYSTEM SWITCHING CENTER
FORWARDS TERMINAL KEY REQUEST
MESSAGE TO TERMINAL

TERMINAL FORWARDS TERMINAL
KEY REQUEST MESSAGE TO UIM.

UIM GENERATES A
TERMINAL KEY RESPONSE MESSAGE
AND DELIVERS TO TERMINAL

TERMINAL FORWARDS TERMINAL
KEY RESPONSE MESSAGE TO SERVING
SYSTEM SWITCHING CENTER.

SWITCHING CENTER FORWARDS
TERMINAL KEY RESPONSE MESSAGE
TO SERVING SYSTEM VLR.

SERVING SYSTEM VLR FORWARDS
TERMINAL KEY RESPONSE MESSAGE TO
HLR/AC OF NEW USER'S HOME
SYSTEM. IF MESSAGE WOULD
TRAVERSE NNI, VLR TRANSLATES
MESSAGE TO FORMAT OF A 3rd
GENERATION INTERFAMILY REQUEST.

HLR/AC OF NEW USER'S HOME SYSTEM
RESPONDS WITH GENERATE KEY
MESSAGE TO SERVING SYSTEM VLR,
INCLUDING A BSKEY PARAMETER.
IF MESSAGE WOULD TRAVERSE NNI,
MESSAGE TRANSMITTED IN THE FORMAT
OF A 3rd GENERATION INTERFAMILY
REQUEST.

SERVING SYSTEM VLR FORWARDS
GENERATE KEY MESSAGE TO SERVING
SYSTEM SWITCHING CENTER. IF
MESSAGE HAS TRAVERSED NNI, VLR
TRANSLATES MESSAGE FROM 3rd
GENERATION INTERFAMILY REQUEST
FORMAT TO A FORMAT NATIVE TO
SERVING SYSTEM.

SERVING SYSTEM SWITCHING CENTER
FORWARDS GENERATE KEY MESSAGE
TO TERMINAL

264

TERMINAL FORWARDS GENERATE
KEY MESSAGE TO UIM.

UIM CALCULATES A PRIMARY
AUTHENTICATION KEY BASED ON THE
BSKEY PARAMETER, THE MODULUS
VALUE PARAMETER, AND THE
UIM-GENERATED RANDOM EXPONENT;
UIM DELIVERS TERMINAL KEY
TO TERMINAL.

FIG. 2B
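
The key calculation recited in claim 20 and in the closing steps of FIG. 2B (BSKEY parameter, modulus value, UIM-generated random exponent) can be read as a modular-exponentiation key agreement. The following Python is an added example, not code from the patent: it assumes the primary key value is the exponentiation base, the terminal key is base^x mod modulus, BSKEY is base^y mod modulus, and the stored key is a truncated SHA-256 of the shared value. The class names and the toy modulus are constructed for illustration.

```python
import hashlib
import secrets

# Constructed toy parameters: 2**127 - 1 is prime but far too small for real use.
MODULUS = 2**127 - 1
PRIMARY_KEY = 3  # assumption: the "primary key value" is the exponentiation base

def check_public_value(value, modulus):
    """Reject 0, 1 and N-1 (and out-of-range values): they force a guessable secret."""
    if not 1 < value < modulus - 1:
        raise ValueError("public value outside 2..N-2")
    return value

def derive_key(shared, modulus):
    """Assumption: the stored key is a truncated SHA-256 of the shared value."""
    width = (modulus.bit_length() + 7) // 8
    return hashlib.sha256(shared.to_bytes(width, "big")).digest()[:16]

class HomeSystem:
    """HLR/AC side (hypothetical class; message names follow FIG. 2B)."""
    def __init__(self, modulus=MODULUS, base=PRIMARY_KEY):
        self.modulus, self.base, self.auth_key = modulus, base, None
        self._y = secrets.randbelow(modulus - 3) + 2  # secret exponent in 2..N-2

    def terminal_key_request(self):
        return {"modulus": self.modulus, "primary_key": self.base}

    def generate_key(self, terminal_key):
        check_public_value(terminal_key, self.modulus)
        self.auth_key = derive_key(pow(terminal_key, self._y, self.modulus), self.modulus)
        return {"bskey": pow(self.base, self._y, self.modulus)}

class UIM:
    """User identity module side (hypothetical class)."""
    def terminal_key_response(self, request):
        self._modulus = request["modulus"]
        self._x = secrets.randbelow(self._modulus - 3) + 2  # UIM random exponent
        return pow(request["primary_key"], self._x, self._modulus)

    def calculate_auth_key(self, message):
        bskey = check_public_value(message["bskey"], self._modulus)
        self.auth_key = derive_key(pow(bskey, self._x, self._modulus), self._modulus)
        return self.auth_key

def run_exchange():
    hlr, uim = HomeSystem(), UIM()
    terminal_key = uim.terminal_key_response(hlr.terminal_key_request())
    uim.calculate_auth_key(hlr.generate_key(terminal_key))
    return hlr, uim
```

Both sides end with the same key without the key itself crossing the serving system; the range check on each received value is the validation a UIM or HLR/AC implementation would want before exponentiating.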